const express = require('express')
// const path = require('path')
// const favicon = require('serve-favicon')
const logger = require('morgan')
// const cookieParser = require('cookie-parser')
const bodyParser = require('body-parser')

const routes = require('./routes/index')

const app = express()
const cors = require('cors')
// const helmet = require('helmet')
// const RateLimit = require('express-rate-limit')

app.use(cors())
// app.use(helmet())

app.use((req, res, next) => {
  res.contentType('application/json')
  next()
})


// app.enable('trust proxy')
// only if you're behind a reverse proxy (Heroku, Bluemix, AWS if you use an ELB, custom Nginx setup, etc)

// const apiLimiter = new RateLimit({
//   windowMs: 60 * 60 * 1000, // 60 minutes
//   max: 5,
//   delayMs: 0 // disabled
// })
// app.use('/api/v1', apiLimiter)

// view engine setup
// app.set('views', path.join(__dirname, 'views'))
// app.set('view engine', 'ejs')

// uncomment after placing your favicon in /public
// app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')))
app.use(logger('dev'))
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: false }))
// app.use(cookieParser());
// app.use(express.static(path.join(__dirname, 'static')))

app.use('/api/v1', routes)

// catch 404 and forward to error handler
app.use((req, res, next) => {
  var err = new Error('Not Found')
  err.status = 404
  next(err)
})

// error handlers

// development error handler
// will print stacktrace
if (app.get('env') === 'development') {
  app.use((err, req, res) => {
    res.status(err.status || 500)
    res.json({
      message: err.message,
      error: err
    })
  })
}

// production error handler
// no stacktraces leaked to user
app.use((err, req, res) => {
  res.status(err.status || 500)
  res.json({
    message: err.message,
    error: {}
  })
})

module.exports = app
